Linux

Strongswan swanctl config file for native Android IKEv2 IPsec

  • December 2, 2020

Android 11 now appears to support IKEv2/IPsec, so I am trying to build a roadwarrior swanctl config file for it. So far I have the SA established, but it is then immediately deleted. Any suggestions?

The Android VPN profile has:

  • Type: IKEv2/IPsec PSK
  • Server: moon.isuldor.com
  • IPsec identifier: strongswan at isuldor.com
  • IPsec pre-shared key: hunter2

My VPN gateway has:

$ swanctl --version
strongSwan swanctl 5.9.0

$ cat /etc/swanctl/conf.d/android11.conf
connections {
   rw-isuldor {
       local_addrs = moon.isuldor.com
       pools = android11_pool4, android11_pool6
       fragmentation = yes
       send_cert = always
       rekey_time = 0s
       dpd_delay = 30s
       local {
           auth = pubkey
           certs = moon.pem
           id = moon.isuldor.com
       }
       remote {
           auth = psk
           id = strongswan at isuldor.com
       }
       children {
           moon {
               local_ts  = 0.0.0.0/0,::/0
               rekey_time = 0s
               dpd_action = clear
           }
       }
   }
}
secrets {
   ike-isuldor {
       id_isuldor = strongswan at isuldor.com
       secret = hunter2
   }
}
pools {
   android11_pool4 {
       addrs = 192.168.2.0/24
       dns = 1.1.1.1,1.0.0.1
   }
   android11_pool6 {
       addrs = 2607:9cf3:0:ae::6:1300/120
       dns = 2606:4700:4700::1111,2606:4700:4700::1001
   }
}

Relevant log from charon-systemd:

X.X.X.X is initiating an IKE_SA
IKE_SA (unnamed)[11] state change: CREATED => CONNECTING
selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_AES128_XCBC/MODP_3072
remote host is behind NAT
...
looking for peer configs matching Y.Y.Y.Y[moon.isuldor.com]...X.X.X.X[strongswan at isuldor.com]
selected peer config 'rw-isuldor'
authentication of 'strongswan at isuldor.com' with pre-shared key successful
...
peer requested virtual IP %any
assigning new lease to 'strongswan at isuldor.com'
assigning virtual IP 192.168.2.1 to peer 'strongswan at isuldor.com'
peer requested virtual IP %any6
assigning virtual IP <redacted> to peer 'strongswan at isuldor.com'
...
CHILD_SA moon{4} established with SPIs cba17603_i 0f8dcc81_o and TS 0.0.0.0/0 ::/0 === 192.168.2.1/32
CHILD_SA moon{4} state change: INSTALLING => INSTALLED
generating IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR DNS DNS) SA TSi TSr ]
splitting IKE message (2416 bytes) into 3 fragments
generating IKE_AUTH response 1 [ EF(1/3) ]
generating IKE_AUTH response 1 [ EF(2/3) ]
generating IKE_AUTH response 1 [ EF(3/3) ]
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733] (1236 bytes)
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733] (1236 bytes)
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733]
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733] (84 bytes)
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733]
checkin IKE_SA rw-isuldor[7]
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733]
checkin of IKE_SA successful
received packet: from X.X.X.X[38733] to Y.Y.Y.Y[4500]
waiting for data on sockets
checkout IKEv2 SA by message with SPIs ce7fea937528e3ca_i 115e7e1303dd7bc4_r
IKE_SA rw-isuldor[7] successfully checked out
received packet: from X.X.X.X[38733] to Y.Y.Y.Y[4500] (80 bytes)
parsed INFORMATIONAL request 2 [ D ]
received DELETE for IKE_SA rw-isuldor[7]
deleting IKE_SA rw-isuldor[7] between Y.Y.Y.Y[moon.isuldor.com]...X.X.X.X[strongswan at isuldor.com]
IKE_SA rw-isuldor[7] state change: ESTABLISHED => DELETING
IKE_SA deleted
generating INFORMATIONAL response 2 [ ]
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733] (80 bytes)
checkin and destroy IKE_SA rw-isuldor[7]
sending packet: from Y.Y.Y.Y[4500] to X.X.X.X[38733]
IKE_SA rw-isuldor[7] state change: DELETING => DESTROYING
CHILD_SA moon{4} state change: INSTALLED => DESTROYING
deleting policy 0.0.0.0/0 === 192.168.2.1/32 out
deleting policy 192.168.2.1/32 === 0.0.0.0/0 in
deleting policy 192.168.2.1/32 === 0.0.0.0/0 fwd
deleting SAD entry with SPI cba17603
deleted SAD entry with SPI cba17603
deleting SAD entry with SPI 0f8dcc81
deleted SAD entry with SPI 0f8dcc81
lease 192.168.2.1 by 'strongswan at isuldor.com' went offline
checkin and destroy of IKE_SA successful

Update: once I retrieved the Android log, the problem was immediately apparent. Basically I used adb shell to get onto the device, then ran logcat with the appropriate filter. There are probably terminal apps that can do this as well. Root is not required.

130|sargo:/ $ whoami
shell
130|sargo:/ $ logcat *:S IkeV2VpnRunner:V
--------- beginning of system
--------- beginning of main
[..] IkeV2VpnRunner: com.android.internal.net.ipsec.ike.exceptions.AuthenticationFailedException: Expected the remote/server to use PSK-based authentication but they used: 14

Conclusion: the swanctl config file should have auth=psk under the local section, plus an additional line in secrets.ike-isuldor assigning the pre-shared key to the server, e.g. id_moon = moon.isuldor.com. This worked with strongswan swanctl 5.9.0, but so far I have been unable to reproduce the success with the earlier version 5.7.2. I suspect the syntax may have changed somehow. But the ultimate problem was incorrect server authentication.

As the client log confirms, it expects the server to also authenticate with the PSK, not with a certificate. So instead of local.auth=pubkey you have to configure local.auth=psk.

Note that while the IKEv2 protocol supports using a certificate on the server and a PSK on the client, and while that does prevent other hosts that know the PSK from impersonating the server (every client has to know it and could do so), it has the same problem that PSK authentication with IKEv2 generally has: the client sends its AUTH payload before verifying the server's authentication. An active attacker can use this to determine a weak PSK via dictionary or brute-force attacks. A more secure approach is to use certificate authentication for the server and a username/password-based EAP method (e.g. EAP-MD5 or EAP-MSCHAPv2) for the clients, because then the client only sends its hashed password after it has verified the server's certificate.
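For reference, the two server-side configurations discussed above, the PSK-on-both-sides fix the questioner arrived at and the certificate-plus-EAP setup the answer recommends, as one added swanctl.conf example that is not from the original post or from the strongSwan project. It assumes the pools defined in the question, keeps the question's identities (writing the client ID in its e-mail form strongswan@isuldor.com), and uses placeholder EAP credentials (alice / CHANGE_ME).

```conf
connections {
    # Added example, not the poster's file. Variant 1 (the question's conclusion): PSK on both sides, as Android's "IKEv2/IPsec PSK" profile expects.
    rw-isuldor-psk {
        pools = android11_pool4, android11_pool6
        local {
            auth = psk
            id = moon.isuldor.com
        }
        remote {
            auth = psk
            id = strongswan@isuldor.com
        }
        children {
            moon {
                local_ts = 0.0.0.0/0,::/0
            }
        }
    }
    # Variant 2 (the answer's recommendation): server certificate plus EAP-MSCHAPv2, so the client authenticates only after verifying the server certificate.
    rw-isuldor-eap {
        pools = android11_pool4, android11_pool6
        fragmentation = yes
        send_cert = always
        local {
            auth = pubkey
            certs = moon.pem
            id = moon.isuldor.com
        }
        remote {
            auth = eap-mschapv2
            eap_id = %any
        }
        children {
            moon {
                local_ts = 0.0.0.0/0,::/0
            }
        }
    }
}
secrets {
    ike-isuldor {
        id_isuldor = strongswan@isuldor.com
        id_moon = moon.isuldor.com
        secret = hunter2
    }
    eap-alice {
        id = alice
        secret = CHANGE_ME
    }
}
```

Listing both identities under ike-isuldor lets charon find the PSK whether it is authenticating the client or itself; the eap-alice block is the per-user credential for variant 2 and must be replaced with a real username and password. Both connections can be present at once, and charon selects one by the client's IKE identity and authentication method.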

Quoted from: https://serverfault.com/questions/1044090